evtx
There are 41 repositories under the evtx topic.
sbousseaden/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
mdecrevoisier/Microsoft-eventlog-mindmap
Set of mindmaps providing a detailed overview of the different #Microsoft auditing capabilities for Windows, Exchange, Azure, ...
williballenthin/python-evtx
Pure Python parser for Windows Event Log files (.evtx)
wagga40/Zircolite
A standalone SIGMA-based detection tool for EVTX, Auditd and Sysmon for Linux logs
mdecrevoisier/EVTX-to-MITRE-Attack
Set of EVTX samples (>270) mapped to MITRE ATT&CK tactics and techniques to measure your SIEM coverage or develop new use cases.
EricZimmerman/evtx
C# based evtx parser with lots of extras
jurelou/epagneul
Graph visualization for Windows event logs
fox-it/danderspritz-evtx
Parse evtx files and detect use of the DanderSpritz eventlogedit module
NVISOsecurity/evtx-hunter
evtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
ine-labs/ThreatSeeker
ThreatSeeker: Threat Hunting via Windows Event Logs
sumeshi/evtx2es
A library for fast parsing and import of Windows event logs into Elasticsearch.
kacos2000/Evtx_Log_Browser
Evtx Log (xml) Browser
AhmedKamal1432/Evilize
Triaging Windows event logs based on the SANS poster
ceramicskate0/SWELF
Simple Windows Event Log Forwarder (SWELF): an easy-to-use log forwarder and EVTX parser. Near-final releases are published at https://github.com/ceramicskate0/SWELF/releases/latest.
logpresso/community
Logpresso Mini and community contents for incident response
Lyc4on/EvtXHunt
EvtXHunt is an Autopsy plugin that is able to analyze Windows EVTX logs against a library of SIGMA rules.
forensenellanebbia/powershell-scripts
PowerShell scripts
whatabeautifulmemory/glossy
Glossy Event Log Forensics
martinmathurine/Windows-Event-Log-Analyser
A PySimpleGUI-based Python tool for processing and visualising selected Windows Security.evtx log files, filtering on a condition in Event ID 4688 (process creation) records.
bricerenaud/import-EVTX-to-XDR
Simple Python script to convert, enrich and upload an EVTX file to Palo Alto Networks Cortex XDR using an HTTP Custom Collector.
devynspencer/elk-moose
Quickly analyze Windows event logs.
jupyterj0nes/masstin
Masstin: High-Speed DFIR Tool written in Rust and Graph Visualization in Neo4j for Comprehensive Lateral Movement Analysis
KnightChaser/aesir
A simple System Monitor (Sysmon) EVTX inspector: search, visualize, and track Sysmon events
spirospolitis/evtx-convert
Convert Windows Event Log .evtx files to other formats.
faisal6me/Powershell-Forensic-Analysis
Fast analysis of PowerShell logs
gustavoparedes/QuickLog
Windows log viewer organized according to this article: https://cybersecuritynews.com/windows-event-log-analysis/
the-siegfried/py-evtx-ripper
A command line wrapper for the python-evtx library.
troplolBE/evtx-to-elk
Program to send log files to ELK using Winlogbeat.
yakisyst3m/evtx2log
Convert .evtx logs into readable .log files
Alshadex/EvtxReader
A Python parser module for Windows .evtx log files
d4rk-d4nph3/ejax
Windows EVTX to XML and JSON converter
DemetriusStorm/PrintLogCollector
Windows service to collect print events and save them to MSSQL DB
duanshuaimin/EVTX-ATTACK-SAMPLES
Windows Events Attack Samples
evtx-viewer/evtx-viewer-cli
📃 Debian package (.deb) for viewing Microsoft security logs in EVTX format.
PLZENTERTEXT/autopsy-sigmaa-ingest-module
An Autopsy data source ingest module for detection of IOCs in EVTX for Windows and Auditd for Linux based on SIGMA Rules.
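Several of the tools above share one pipeline: render EVTX records to the standard Windows Event XML (what python-evtx's evtx_dump.py, EvtxECmd or the XML/JSON converters produce), flatten the System and EventData fields, and run Sigma-style selections over them, for instance on Event ID 4688 process-creation records. The following is an added example of that pipeline, written for this page; it is not code from any of the listed repositories. The sample records are constructed, not real captures, and the rule is a hand-written illustration in Sigma's shape (`field|modifier` keys, case-insensitive matching), not a rule from the Sigma project.

```python
"""Sigma-style matching over EVTX records rendered as Windows Event XML.

Added example for the evtx topic page. Assumes the .evtx file has already
been rendered to XML (e.g. by python-evtx's evtx_dump.py or EvtxECmd); the
parser below works on that XML, not on the binary .evtx format.
"""
import xml.etree.ElementTree as ET

# Windows Event XML default namespace; every element in a rendered record lives in it.
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

# Constructed sample records (not real captures): two 4688 process-creation
# events and one 4624 logon event, in the layout evtx_dump.py emits.
SAMPLE_XML = [
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4688</EventID>
    <TimeCreated SystemTime="2024-01-15T10:22:31.123456Z"/>
    <Channel>Security</Channel>
    <Computer>WS01.corp.example</Computer>
  </System>
  <EventData>
    <Data Name="SubjectUserName">alice</Data>
    <Data Name="NewProcessName">C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe</Data>
    <Data Name="CommandLine">powershell.exe -nop -w hidden -EncodedCommand SQBFAFgA</Data>
    <Data Name="ParentProcessName">C:\Windows\System32\cmd.exe</Data>
  </EventData>
</Event>""",
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4688</EventID>
    <TimeCreated SystemTime="2024-01-15T10:23:02.000000Z"/>
    <Channel>Security</Channel>
    <Computer>WS01.corp.example</Computer>
  </System>
  <EventData>
    <Data Name="SubjectUserName">alice</Data>
    <Data Name="NewProcessName">C:\Windows\System32\notepad.exe</Data>
    <Data Name="CommandLine">notepad.exe notes.txt</Data>
    <Data Name="ParentProcessName">C:\Windows\explorer.exe</Data>
  </EventData>
</Event>""",
    r"""<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Security-Auditing"/>
    <EventID>4624</EventID>
    <TimeCreated SystemTime="2024-01-15T10:20:00.000000Z"/>
    <Channel>Security</Channel>
    <Computer>WS01.corp.example</Computer>
  </System>
  <EventData>
    <Data Name="TargetUserName">alice</Data>
    <Data Name="LogonType">2</Data>
  </EventData>
</Event>""",
]

# Hypothetical rule in Sigma's shape: encoded PowerShell launched via 4688.
RULE = {
    "title": "Encoded PowerShell command line in process creation (4688)",
    "logsource": {"product": "windows", "service": "security"},
    "detection": {
        "selection": {
            "EventID": 4688,
            "NewProcessName|endswith": "\\powershell.exe",
            "CommandLine|contains": ["-enc", "-EncodedCommand"],
        },
        "condition": "selection",
    },
}


def parse_record(xml_text):
    """Flatten one Windows Event XML record into a dict of System + EventData fields."""
    root = ET.fromstring(xml_text)
    system = root.find("e:System", NS)
    record = {
        "EventID": int(system.find("e:EventID", NS).text),
        "Channel": system.find("e:Channel", NS).text,
        "Computer": system.find("e:Computer", NS).text,
        "TimeCreated": system.find("e:TimeCreated", NS).get("SystemTime"),
    }
    # EventData carries the provider-specific fields as <Data Name="...">value</Data>.
    for data in root.findall("e:EventData/e:Data", NS):
        record[data.get("Name")] = data.text or ""
    return record


def match_field(record, key, expected):
    """Evaluate one 'field|modifier' selection entry, case-insensitively as Sigma does."""
    field, _, modifier = key.partition("|")
    actual = str(record.get(field, "")).lower()
    candidates = expected if isinstance(expected, list) else [expected]
    for exp in (str(c).lower() for c in candidates):
        if modifier == "" and actual == exp:
            return True
        if modifier == "endswith" and actual.endswith(exp):
            return True
        if modifier == "contains" and exp in actual:
            return True
    return False


def match_rule(record, rule):
    """All entries in the selection must match (Sigma's implicit AND within a selection)."""
    selection = rule["detection"]["selection"]
    return all(match_field(record, k, v) for k, v in selection.items())


def hunt(xml_records, rule):
    """Parse each rendered record and return the flattened records the rule matches."""
    return [rec for rec in map(parse_record, xml_records) if match_rule(rec, rule)]


if __name__ == "__main__":
    for hit in hunt(SAMPLE_XML, RULE):
        print(hit["TimeCreated"], hit["Computer"], hit["SubjectUserName"], hit["CommandLine"])
```

One caveat when running this against real Security.evtx files: the `CommandLine` field of 4688 is empty unless "Include command line in process creation events" is enabled alongside the Audit Process Creation subcategory, so a rule that keys on it silently matches nothing on hosts without that policy.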